Data breaches: What are they, and how do they happen?

It’s hard to avoid hearing about data breaches – and unfortunately, it’s almost as hard to avoid being affected by them. In this article, we’ll discuss what they are and how they happen. Then, in Part II, we’ll discuss what happens afterwards – including what you should do if you find out your own data may have been involved in someone else’s data breach.

Simply put, a “data breach” is any event in which data that’s supposed to be private is exposed to unauthorized view. What kind of data might that include? It might be databases full of personal information about individuals. For example: names, contact information, passwords, identifiers such as social security numbers, credit card data, and/or personal health data you’d rather the whole world didn’t know about. But it may also be information crucial to an organization’s success. For companies, that could mean trade secrets, product plans, or strategies. For governments, it might mean military secrets that could give a foreign adversary an advantage in warfare.

The growth of data breaches

As computers have become increasingly central to virtually all organizational processes – and more systems have become reachable by the internet – data breaches have grown in size and impact. Some milestone data breaches you might have heard about include:

• The breach of over 100 million credit card records at Target in 2013
• Attacks that compromised all three billion Yahoo user accounts in 2016-2017
• The theft of personal information about 500 million customers who stayed at Starwood Hotels from 2014-2017, including some passport numbers and encrypted credit card data
• Credit bureau Experian’s exposure of information on 143 million consumers in July 2017. In many cases, this included social security numbers, birth dates, and even drivers’ license numbers
• The June 2019 compromise of 500,000 Carecentrix medical records provided to the American Medical Collection Agency, including payment card information, social security numbers, and tests performed

How data breaches happen and are identified

Data breaches are most commonly the result of criminals who are deliberately trying to break in, access, and steal important data - whis can be for financial motives or for espionage. Nowadays, those criminals sometimes operate on behalf of governments – or with their tacit cooperation.

But data breaches can also arise from sheer carelessness. For example, one recent survey found that lost devices and paper files still cause large numbers of data breaches. The recent Capital One breach affecting over 100 million consumers was reportedly caused by sloppy configuration of its cloud services. Using tools like LeakLooker, it’s fairly easy for hackers to find databases inadvertently left exposed on the public internet.

Breach notifications may vary

In some cases, organizations quickly know they’ve been breached, and individuals discover it soon afterwards through official notifications. Or worse, they might see unauthorized credit card charges or bank withdrawals. Unfortunately, not all breaches are discovered – especially breaches where undiscovered attackers or intelligence agencies can continue to exploit their victims.

If private companies or government agencies recognize that personal information has been breached, they’re usually required to rapidly inform those individuals. According to Statista, 1,244 breaches were reported in 2018, which is actually down from 2017. Unfortunately, that good news is offset by some bad news: the number of records exposed in 2018 more than doubled.

The immense number of breaches and records mean it’s likely that your own information has been compromised at some point. In Part II of this series, we’ll discuss what to do if and when that happens to you. Until then, consider taking a key first step in protecting your data from breaches by acquiring a powerful security solution like Sophos Home and start protecting your data today.